关键词: 差分隐私, 隐私预算分配, Stacking算法, 集成学习

Abstract: In order to solve the problem that homogeneous ensemble learning algorithms are more sensitive to noise and difficult to take into account both better predictive performance and effective privacy protection, a DPStacking algorithm based on differential privacy is proposed. This algorithm combines heterogeneous Stacking algorithms with differential privacy technology to optimize the privacy protection and its predictive performance. However, since both the low-level and high-level models of the Stacking algorithm can be composed of different learners, if a privacy budget allocation scheme is designed for a particular learner to provide differential privacy protection, this scheme is often not applicable to Stacking algorithms composed of arbitrary base learners and meta-learners. Based on this, a privacy budget allocation scheme based on meta-learners is designed, which allocates different privacy budgets to different components of meta-learners according to the Pearson correlation coefficient and the characteristics of differential privacy parallel combination. Through theoretical and experimental verification, DPStacking algorithm satisfies  ε-differential privacy protection. Compared with differential privacy random forest algorithm (DiffRFs), Adaboost algorithm (DP-AdaBoost), XGBoost algorithm (DPXGB), it can effectively guarantee data privacy while having better predictive performance, and better solve the problem that single homogeneous ensemble learning algorithm is more sensitive to noise.

Key words: differential privacy, privacy budget allocation, Stacking algorithm, ensemble learning